
7082 matches found

Tenable Nessus
added 2020/02/27 12:0 a.m., 42 views

SUSE SLES15 Security Update : squid (SUSE-SU-2020:0493-1)

This update for squid to version 4.10 fixes the following issues: Security issues fixed: CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. CVE-2020-8450: Fixed a buffer...

7.5 CVSS, 7.1 AI score, 0.7179 EPSS
Exploits 0, References 12

Kitploit
added 2020/02/26 8:30 p.m., 77 views

ABD - Course Materials For Advanced Binary Deobfuscation

Advanced Binary Deobfuscation This repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp GCC Tokyo in 2020. Course Abstract Reverse engineering is not easy, especially if a binary code is obfuscated. Once obfuscation performed, the binary would...

7.5 AI score
Exploits 0, References 2

CNVD
added 2020/02/26 12:0 a.m., 2 views

ISPConfig SQL Injection Vulnerability

ISPConfig is an open source web hosting management program for Linux with a Web control panel, you can use the Web control panel to manage web hosting, open a website, open a mailbox, open and manage mysql databases, support for DNS resolution and monitor the server's operating conditions an...

9.8 CVSS, 7.9 AI score, 0.01266 EPSS
Exploits 0, References 1

OSV
added 2020/02/25 9:15 p.m., 3 views

CVE-2020-9398

ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection...

9.8 CVSS, 7.3 AI score, 0.01266 EPSS
Exploits 0, References 1

Veracode
added 2020/02/25 7:52 a.m., 41 views

HTTP Request Smuggling

tomcat-coyote is vulnerable to HTTP request smuggling. The vulnerability exists due to mishandling of incorrect transfer encoding headers introduced by a regression if server is placed after a reverse proxy...

4.8 CVSS, 1.2 AI score, 0.08872 EPSS
Exploits 0, References 14, Affected Software 2

RedhatCVE
added 2020/02/25 7:49 a.m., 40 views

CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...

5.8 CVSS, 7.3 AI score, 0.08872 EPSS
Exploits 0, References 6

RedhatCVE
added 2020/02/25 6:40 a.m., 57 views

CVE-2020-1935

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

5.8 CVSS, 7.6 AI score, 0.09386 EPSS
Exploits 0, References 6

OSV
added 2020/02/24 10:15 p.m., 38 views

CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...

4.8 CVSS, 6.1 AI score
Exploits 0, References 11

OSV
added 2020/02/24 10:15 p.m., 1 views

DEBIAN-CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...

4.8 CVSS, 7.3 AI score, 0.08872 EPSS
Exploits 0, References 1

Prion
added 2020/02/24 10:15 p.m., 41 views

Design/Logic Flaw

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse...

5.8 CVSS, 7.1 AI score, 0.09386 EPSS
Exploits 0, References 19, Affected Software 19

UbuntuCve
added 2020/02/24 10:15 p.m., 38 views

CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...

5.8 CVSS, 7 AI score, 0.08872 EPSS
Exploits 0, References 2

UbuntuCve
added 2020/02/24 10:15 p.m., 70 views

CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse...

5.8 CVSS, 7 AI score, 0.09386 EPSS
Exploits 0, References 3

OSV
added 2020/02/24 10:15 p.m., 1 views

UBUNTU-CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse...

4.8 CVSS, 6.8 AI score, 0.09386 EPSS
Exploits 0, References 4

Debian CVE
added 2020/02/24 9:4 p.m., 36 views

CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...

5.8 CVSS, 7.7 AI score, 0.08872 EPSS
Exploits 0

Tenable Nessus
added 2020/02/24 12:0 a.m., 39 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4289-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4289-1 advisory. Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue ...

7.5 CVSS, 7.6 AI score, 0.7179 EPSS
Exploits 0, References 5

Tenable Nessus
added 2020/02/21 12:0 a.m., 914 views

Apache Tomcat 9.0.0.M1 < 9.0.31 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.31. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.31_security-9 advisory. - When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to...

9.8 CVSS, 8.6 AI score, 0.9927 EPSS
Exploits 45, References 11

OSV
added 2020/02/20 3:17 p.m., 2 views

USN-4289-1 squid, squid3 vulnerabilities

Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. CVE-2019-12528 Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote...

7.5 CVSS, 7.1 AI score, 0.7179 EPSS
Exploits 0, References 5

exploitpack
added 2020/02/17 12:0 a.m., 23 views

Avaya Aura Communication Manager 5.2 - Remote Code Execution

Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory:...

0.6 AI score
Exploits 0

Packet Storm
added 2020/02/17 12:0 a.m., 120 views

Avaya Aura Communication Manager 5.2 Remote Code Execution

Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory: https://downloads.avaya.com/css/P8/documents/100183151 Exploit generates a reverse shel...

0.6 AI score
Exploits 0

Exploit DB
added 2020/02/17 12:0 a.m., 930 views

Avaya Aura Communication Manager 5.2 - Remote Code Execution

Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory: https://downloads.avaya.com/css/P8/documents/100183151 Exploit generates a reverse shel...

7.4 AI score
Exploits 0